<?php
$allowtype = array("gif", "png", "jpg");   
    $size = 1000000;           
    $path = "../../public/pic";                    
    if($_FILES['pic']['error'] > 0) {    
        echo '上传错误: ';
        switch ($_FILES['pic']['error']) {
            case 1:  die('上传文件大小超出了PHP配置中的约定值：upload_max_filesize');  
            case 2:  die('上传文件大小超出了表单中的约定值：MAX_FILE_SIZE');  
            case 3:  die('文件只被部分上传'); 
            case 4:  die('没有上传任何文件'); 
            case 6:  die('找不到临时文件夹');
            case 7:  die('文件写入失败');
            default: die('末知错误');
        }
    } 
    $pfile = $_FILES['pic']['name'];
    @$hz = array_pop(explode(".", $pfile));
    if(!in_array($hz, $allowtype)) {
        die("这个后缀是<b>{$hz}</b>,不是充许的文件类型!");
    }
    if($_FILES['pic']['size'] > $size ) {
        die("超过了充许的<b>{$size}</b>字节大小");
    }
    $filename = time().".".$hz;
    $dz = $path.'/'.$filename;
    if (is_uploaded_file($_FILES['pic']['tmp_name'])) { 
        if (!move_uploaded_file($_FILES['pic']['tmp_name'], $dz)) {  
            die('问题: 不能将文件移动到指定目录。');
        }
    }else{
        die("问题: 上传文件{$_FILES['pic']['name']}不是一个合法文件: ");
    }

$lid  = $_POST['lid'];
include_once "../public/head.php";
@mysql_connect('localhost', 'root', 'root');
mysql_select_db('blog');
mysql_set_charset('utf8');
$sqla ="select `name` from `lanmu` where id='$lid'" ;
$resa = mysql_query($sqla);
$rowsa = mysql_fetch_assoc($resa);
$fenlei  = $rowsa['name'];

$id      = $_POST['id'];
$title   = $_POST['title'];
$content = $_POST['content'];
$state = $_POST['state'];
@mysql_connect('localhost', 'root', 'root');
$errno = mysql_errno();
if (mysql_errno()) {
    die("$errno" . mysql_error());
}
mysql_select_db('blog');
mysql_set_charset('utf8');
$sql = "update writing set `title`='$title',`content`='$content',`state`='$state',`pic`='$filename',`fenlei`='$fenlei' where id=$id";
$res = mysql_query($sql);
if ($res) {
    echo "<script>alert('修改成功');window.location.href='index.php'</script>";
} else {
    echo "<script>alert('修改失败');window.location.href='update.php'</script>";
}

mysql_close();
